Microsoft Edge security was recently strengthened to block unsigned DLLs which are sometimes present on a malicious site.  Even legitimate sites can become infected from injection attacks that occur due to website security weaknesses. These latest Microsoft Edge release was automatically provided to Windows 10 users recently.

In May, we announced that Microsoft Edge was saying goodbye to binary extensibility models such as ActiveX and Browser Helper Objects. This change made browsing in Windows faster, more secure, and more stable than ever, while paving the way for better interoperability with other browsers and modern extension models. Those improvements are at risk, however, if uninvited extensions in the form of DLLs (Dynamic-Link Library) are injected into the browser. The latest Windows 10 updates strengthen Microsoft Edge with industry-leading enforcement against loading unauthorized DLLs into Microsoft Edge content processes.

Starting with EdgeHTML 13, Microsoft Edge defends the user’s browsing experience by blocking injection of DLLs into the browser unless they are Windows components or signed device drivers. DLLs that are either Microsoft-signed, or WHQL-signed, will be allowed to load, and all others will be blocked. “Microsoft-signed” allows for Edge components, Windows components, and other Microsoft-supplied features to be loaded. WHQL (Windows Hardware Quality Lab) signed DLLs are device drivers for things like the webcam, some of which need to run in-process in Edge to work. For ordinary use, users should not notice any difference in Microsoft Edge.

This change arrives as part of EdgeHTML 13, which is included with the latest automatic updates to Windows 10. Like many other Microsoft Edge security enhancements, this DLL code signing mitigation will make it less likely for the browser to be hacked. It also reinforces Microsoft Edge against unwelcome binary “extensions” that slow down and or destabilize the browser.